Security containers are emerging as a common design pattern in SDN (software defined network) systems for applying security policies. A security container is an application and data container with associated security policies. Containers are commonly implemented as virtualized infrastructure with network segmentation using physical compute, networking and storage. Security policies define firewalls and anti-malware protection, among other security protections. Examples of security containers include Security Groups in VMware NSX and Endpoint Groups in Cisco Application Centric Infrastructure.
It is common in an SDN system to manually, i.e., administratively, define a security group with, for example, firewalls and anti-malware protection. Virtual applications, with applications and virtual machines, are then manually or administratively deployed as workloads into security groups. The process of manually or administratively deploying a virtual application into a security group is time-consuming and error-prone. Therefore, there is a need in the art for a solution which overcomes the drawbacks described above.